[Samba] Re: Migrate BACK to WINDOWS -> Talk me out of it QUICK
chris at lincom.net.au
Thu Sep 16 00:34:53 GMT 2004
So what are you thinking? reinstall your remote servers with MS Terminal
servers instead of Samba I'm assuming that each Samba server is DC and
authenticated users. If this assumption is correct then you would want the
terminal server installed as a DC? right. Well this sort of config is
possible but it is certainly not recommended. You could possible exposing
the SAM or the AD to the use base a major security hole, and depending on
how may users you are authenticating you could be putting major strain on
the server and impacting on performance. In fact you will need to make
policy changes on your terminal servers to allow users to logon look at the
following MS article
depending on user base at remote sites you would more than likely always
have some sort of DC; Samba or Microsoft plus any application server
required i.e. a terminal server. Basic network design always says limit
network/authentication traffic over WAN links if you want happy users.
From: Dragan Krnic [mailto:dkrnic at lycos.com]
Sent: Wednesday, September 15, 2004 11:03 PM
Cc: samba at samba.org
Subject: [Samba] Re: Migrate BACK to WINDOWS -> Talk me out of it QUICK
If you can't be more specific than
"Combine whatever is fitting best to your need and the users needs",
I don't see what your point is.
> i see no problem to have
> different kinds of servers in one Network, if it makes sense from the
> desired needs, i have serveral Terminal servers and a samba pdc, in
> different offices and locations.
> I would warn to make a pseudo religios discussion out of that.
> Combine whatever is fitting best to your and the users needs.
> for file services i would preffer samba ever.
>> I think I'm clear about what this young Jedi knight is asking. His
>> conundrum is that he'll end up with way too many servers if he
>> implements both a Windows Terminal Server and a Samba file and
>> printer server on separate machines. Centralizing the Terminal Server
>> on a big machine would entail dramatic traffic load on his thin 1/2
>> T-1 wire, even if he leaves one Samba server on each site for files
>> and printing. So basically he asks: Does it not make more sense to
>> just add file and print services to the MS Windows Terminal Servers ?
>> And the answer is: Of course, it doesnt!
>> You don't wanna be on the wrong side of the Force, do you, Chris?
>> The way I see it, Chris should put his w2k3 in a vmware sandbox on
>> his quad opteron samba server, ideally. Then install some NX magic
>> and live happily ever after, with one central Samba server, (+
>> stand-by) subleting a couple of w2k3 avatars under vmware. Or vice
>> Let the Force be with you,
>>>sorry but i am not clear what is your Question?
>>>>Not thinking about migrating back due to issues, it is more due to
>>>>implementation needs and a little situation I have been wrestling
>>>>with for a bit now, and would love some feedback
>>>>First a little history:
>>>>We currently have 10 locations connected via a dedicated 1/2 T-1.
>>>>Last year I migrated from a WINNT domain to a Samba/LDAP domain. It
>>>>has been running great. Basically did this for license reasons as
>>>>well as reduced administrative horror.
>>>>We have just started to roll out Thinstation thin-clients that are
>>>>connecting to Win TSRV servers.
>>>>What is being planned is 1 Terminal Server per location.
>>>>This will significantly reduce the adminstrative nightmare on
>>>>multiple Windows boxes and centralize it.
>>>>However, this is where I start to feel that I am having too many
>>>>servers per location, seeing that the windows server could do what
>>>>the Samba server is doing, I am in debate about moving back to
>>>>windows (I have will need to licenses and boxes there anyhows)
>>>>One other option is just ot house a ginormous WIN-TSRV at the
>>>>central location. However, I am afraid of issues with printing back
>>>>to the remote locations (pushing large files through the 1/2 T-1 to
>>>>A Another option is to remove the samba servers from the remote
>>>>location, and just have a samba PDC with authenticating windows tsrv
>>>>machines. - I dont like this option for some reason
>>>>I really dont want to move away from the SAMBA backend, but at the
>>>>same time dont want to stay with it just because I 'like it' and I
>>>>'want to'. So I am looking for discussion/arguements as to why I
>>>>should stay with the Samba server and a win-tsrv server, as opposed
>>>>to just moving to a MS backend.
>>>>Please Obi-won Kenobi, you are our only help! thanks
More information about the samba